517 matches found
ROOT-OS-UBUNTU-2404-CVE-2025-21875 CVE-2025-21875 in rootio-linux - Patched by Root
Root has patched CVE-2025-21875 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43169 CVE-2026-43169 in rootio-linux - Patched by Root
Root has patched CVE-2026-43169 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39894 CVE-2025-39894 in rootio-linux - Patched by Root
Root has patched CVE-2025-39894 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40283 CVE-2025-40283 in rootio-linux - Patched by Root
Root has patched CVE-2025-40283 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23468 CVE-2026-23468 in rootio-linux - Patched by Root
Root has patched CVE-2026-23468 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2204-CVE-2024-49937 CVE-2024-49937 in rootio-linux - Patched by Root
Root has patched CVE-2024-49937 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68322 CVE-2025-68322 in rootio-linux - Patched by Root
Root has patched CVE-2025-68322 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
GHSA-XHF5-7WJV-PQXP containerd CRI — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull
Impact A bug was found in containerd where the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via a plugin that consumes container labels for some operations. Patch...
ROOT-APP-PYPI-CVE-2025-69227 CVE-2025-69227 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-69227 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-43072 CVE-2026-43072 in rootio-linux - Patched by Root
Root has patched CVE-2026-43072 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2023-52590 CVE-2023-52590 in rootio-linux - Patched by Root
Root has patched CVE-2023-52590 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-44958 CVE-2024-44958 in rootio-linux - Patched by Root
Root has patched CVE-2024-44958 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2022-49531 CVE-2022-49531 in rootio-linux - Patched by Root
Root has patched CVE-2022-49531 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-38022 CVE-2025-38022 in rootio-linux - Patched by Root
Root has patched CVE-2025-38022 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
BIT-MARIADB-2026-44172 MariaDB: mysql_real_escape_string() incorrectly handled big5
MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...
@angular/core: Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)
An issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component creation. Specifically, the dynamic component instantiation mechanism createComponent failed to reject mounting components directly onto a or namespaced script element such as . This...
PT-2026-49556
Name of the Vulnerable Software and Affected Versions @babel/core versions prior to 7.29.6 @babel/core versions prior to 8.0.0-rc.6 Description Compiling maliciously crafted code using @babel/core can allow an attacker to read any source map from the system. This occurs when the attacker controls...
Linux Distros Unpatched Vulnerability : CVE-2026-41568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version...
CVE-2026-47263
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /webhookevents/ in Jobs::RedeliverWebHookEvents did not pass groupids, leaving the channel...
CVE-2026-47264 Discourse: Don't leak restricted tag group names via tag info
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializertaggroupnames returned every tag group a tag belonged to without filtering against the requesting...